20 Commits

Author SHA1 Message Date
topjohnwu
d6fb9868bf Small sepolicy refactor and fixes 2019-11-19 05:20:18 -05:00
osm0sis
cba0d04000 magiskpolicy: rules: standardize update_engine sepolicy when rooted
The state of ROM A/B OTA addon.d-v2 support is an inconsistent mess currently:
- LineageOS builds userdebug with permissive update_engine domain, OmniROM builds userdebug with a more restricted update_engine domain, and CarbonROM builds user with a hybrid closer to Omni's
- addon.d-v2 scripts cannot function to the full extent they should when there is a more restricted update_engine domain sepolicy in place, which is likely why Lineage made update_engine completely permissive

Evidence for the above:
- many addon.d-v2 scripts only work (or fully work) on Lineage, see below
- Magisk's addon.d-v2 script would work on Lineage without issue, but would work on Carbon and Omni only if further allow rules were added for basic things like "file read" and "dir search" suggesting these ROMs' addon.d-v2 is severely limited
- Omni includes a /system/addon.d/69-gapps.sh script with the ROM itself (despite shipping without GApps), and with Magisk's more permissive sepolicy and no GApps installed it will remove important ROM files during OTA, resulting in a bootloop; the issue with shipping this script was therefore masked by Omni's overly restrictive update_engine sepolicy not allowing the script to function as intended

The solution:
- guarantee a consistent addon.d-v2 experience for users across ROMs when rooted with Magisk by making update_engine permissive as Lineage has
- hopefully ROMs can work together to come up with something standard for unrooted addon.d-v2 function
2019-09-23 07:55:25 -04:00
osm0sis
7058d5e4cd magiskpolicy: rules: fix writing to loop devices using upstream sepolicy 2019-07-14 22:09:26 -07:00
osm0sis
33c9f74508 magiskpolicy: rules: fix rootfs operations with SAR Magisk
- while many newer devices cannot allow / (system partition) to be mounted rw due to compressed fs (e.g. erofs) or logical partitions, it should remain possible to alter rootfs files/directories on those that previously allowed it
2019-07-07 12:33:20 -07:00
topjohnwu
ff3710de66 Minor code changes across all sources 2019-06-30 19:09:31 -07:00
topjohnwu
e29b712108 Start Magisk in SAR 2019-06-25 23:31:59 -07:00
topjohnwu
8d68ebb074 Revert ioctl rules 2019-04-29 21:25:57 -04:00
topjohnwu
5f53cfb4a9 Update sepolicy rules 2019-04-29 20:26:51 -04:00
topjohnwu
003e44fb84 Remove requirement to use early-init daemon
We used to construct /sbin tmpfs overlay in early-init stage after
SELinux is properly initialized. However the way it is implemented
(forking daemon from magiskinit with complicated file waiting triggers)
is extremely complicated and error prone.

This commit moves the construction of the sbin overlay to pre-init
stage. The catch is that since SELinux is not present at that point,
proper selabel has to be reconstructed afterwards. Some additional
SEPolicy rules are added to make sure init can access magisk binaries,
and the secontext relabeling task is assigned to the main Magisk daemon.
2019-04-24 00:13:48 -04:00
topjohnwu
c134fb1939 Remove unnecessary rules 2019-03-08 04:21:23 -05:00
topjohnwu
6c3896079d Add zygote server notifier 2019-03-05 20:23:27 -05:00
corsicanu
0f61c627b1 Support deodexed ROM on Pie (Samsung)
- cc @abrahamgcc
2019-02-18 03:32:56 -05:00
topjohnwu
71ecbb3af3 Clean/refactor includes 2019-02-10 03:57:51 -05:00
topjohnwu
c8491d008f Move sbin overlay creation to magiskinit 2019-02-09 01:51:46 -05:00
topjohnwu
c30faad838 Allow all binder operations for root processes 2019-02-02 13:24:55 -05:00
topjohnwu
2a2e1236fc Use magic macros 2018-12-01 03:53:58 -05:00
topjohnwu
51e9ff59de Temporarily suppress warnings when applying Magisk rules 2018-11-29 06:31:05 -05:00
topjohnwu
2977dbcded Remove all dontaudit in magisk rules 2018-11-29 06:28:37 -05:00
topjohnwu
762b678d24 Prevent any SELinux issues of root shell streams 2018-11-23 21:08:06 -05:00
topjohnwu
3d269fe8be Migrate MagiskInit to C++ 2018-11-08 04:20:16 -05:00